Logitech M185 and other wireless mice are susceptible to keystroke injection attacks

According to security researcher David Sopas, the popular Logitech M185 and other wireless mice are vulnerable to the MouseJack keystroke injection attack.

This vulnerability has been highlighted in 2016 but the Logitech M185 is a recent addition to the list of affected devices. Initially, Sopas went through the list and his own Logitech M185 device wasn’t on it. Given the wild popularity of the device, he decided to experiment with his own MouseJack kit, which was built primarily with a US$30 Crazyradio PA and the bettercap application. The MouseJack kit is effective on target devices from up to 100m away.

The security vulnerability of the Logitech M185 mouse makes it susceptible to keystroke attacks, i.e., an attacker can “use specially crafted packets, which generate keypresses instead of mouse movement/clicks.” As proof of concept, Sopas demonstrated his attack by injecting a script to the host computer to launch Windows calculator.

According to the Bastille Networks Internet Security, the only way to avoid such attacks is to stop using affected devices, or wait for firmware updates for their respective manufacturers to patch their vulnerabilities. The MouseJack vulnerability appears to be confined to wireless mice that rely on USB radio dongles over unencrypted communication channels. Bluetooth input devices appear to be unaffected for now.

Do head over to Bastille Networks Internet Security’s site and check if any of your wireless input devices are on the affected list.